Using AI to validate your code is not an option anymore. Hope Core devs are doing the same.
Bisq
**Bisq Protocol Exploit Update**
This is a brief update on what we have learned so far, the current state of reimbursement planning for affected users, and some broader observations about the growing role of AI-assisted attacks.
**Estimated impact**
Based on preliminary estimates from data analysis and reports from affected users, the total amount stolen appears to be approximately **11 BTC**.
The attacker used a **0.001 BTC** multisig output together with an unusually high **10,000 sat** miner fee in the reported transactions. That combination created a recognizable transaction fingerprint, which helped identify suspicious transactions within the time window in which the attack occurred.
So far only Altcoin trades have been reported.
This remains a preliminary estimate. The final amount may change as additional reports are reviewed.
**How are victims getting reimbursed?**
We are currently discussing several reimbursement options. Our goal is to enable **fast and complete reimbursement with minimal friction for victims**.
There are, however, practical constraints:
• **Protocol constraints**: victims must open arbitration cases. Arbitration can only be opened after a time lock of **10 days for altcoin trades** and **20 days for fiat trades**.
• **DAO constraints**: the DAO has limits on how much can be issued per DAO cycle.
• **DAO governance**: the proposal for the reimbursement has to be confirmed by the DAO via voting. The current DAO cycle will end around 25th of May.
The current intention is to allow victims to choose between reimbursement in **Bitcoin** or **BSQ**.
At this stage we cannot make a final commitment on the exact mechanism, but we wanted to share our intentions.
For Bisq users — whether affected directly or not — discussion is ongoing in the **Matrix channel** and on **GitHub** (bisq-network/bisq Discussion #7628: "Reimbursement options for victims of the May 1 exploit").
The final reimbursement model will be submitted as a **DAO proposal for voting**.
The exploit caused a significant challenge for both Bisq and the DAO, but we are confident it is manageable. It was serious, but it was not a fatal blow.
**How did the exploit happen?**
In short, the exploit was caused by a **missing validation that should have rejected negative input values provided by the taker**.
The maker and taker must use the same miner fee. That fee value is provided by the taker.
The attacker supplied a **negative miner fee**.
When the maker calculated the multisig output amount — which includes the miner fee for the payout transaction — the negative value reduced the multisig amount to **0.001 BTC**, while the remaining funds were redirected to the taker’s change output.
Unfortunately, the taker change output was a leftover from older protocol versions. It had already been identified as something that should be removed, but that cleanup had unfortunately not happened.
**Was it an AI-assisted attack?**
We cannot answer that with certainty. However, based on our own experience during the investigation, we think it is likely.
After the issue was discovered, one group of developers started manual code inspection to understand how the exploit could have happened.
A second group used AI-assisted analysis.
The AI-assisted group was faster and identified the exploit path in a relatively short time.
The first AI-generated attempt turned out to be a false positive, but a second attempt by another developer successfully reproduced the exploit. It also produced both an attack patch and a corresponding fix.
AI tools include safeguards, so simply asking them to identify an exploit will usually not work.
However, with enough context, careful prompting, and a degree of social engineering of the model, those safeguards can be bypassed.
Based on our experience, it is reasonable to assume that the attacker may have followed a similar path.
**A warning shot**
Some Bisq developers are highly proficient with AI tools. However, we had not systematically used them as part of an actual security audit process.
One developer attempted to get Bisq into an external security audit program, but the application was rejected.
In hindsight, this was a serious failure on our side.
The mistake was not only the missing validation check. It was also failing to react early enough to the changing security landscape and the increasing practical relevance of AI-assisted vulnerability discovery.
We must assume that there will be further attempts.
Over the coming weeks we will invest significant effort into hardening the codebase and actively using AI tools ourselves to search for failure modes.
We are particularly focused on vulnerabilities that could directly affect the wallet.
Until additional review and hardening are completed, we recommend that Bisq users **do not keep more BTC in their Bisq wallet than is necessary for active trading**.
We also hope this serves as a useful warning to other projects in the space.
If our experience helps others identify similar risks earlier and strengthen their defenses, something positive may still come out of it.
**Release plans**
We have already fixed the immediate vulnerability and are currently working on additional hardening for a hotfix release.
We expect to publish that release in the coming days.
After that, we will continue with a follow-up release focused on further hardening, broader review, and additional security auditing.
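The post above explains the bug in words: the taker supplies the miner fee for the payout transaction, the maker folds that fee into the multisig output amount, and a negative fee drains the multisig into a legacy taker-change output. It also describes the fingerprint used to find affected transactions (a 0.001 BTC multisig output plus a 10,000 sat fee). The Python model below is an added illustration written for this page, not Bisq's Java code: the output formula, the dust and fee caps, and every amount and transaction record are constructed assumptions, chosen only so the arithmetic matches the mechanism the post describes.

```python
"""Toy model of the Bisq 1 deposit-transaction amount bug and the
transaction fingerprint described in the update.

Added illustration, not Bisq's Java code. The output formula is a simplified
stand-in (assumption) for how the maker derives the multisig and legacy
taker-change outputs from the taker-supplied payout fee; the real wallet
logic is more involved. All amounts are satoshis; all sample data is constructed.
"""
from dataclasses import dataclass

SATS_PER_BTC = 100_000_000
DUST_LIMIT = 546                 # assumed: tolerate sub-dust rounding leftovers only
MAX_REASONABLE_FEE = 1_000_000   # assumed sanity cap on a payout fee (0.01 BTC)


@dataclass(frozen=True)
class DepositParams:
    trade_amount: int    # BTC being sold
    maker_deposit: int   # maker's security deposit
    taker_deposit: int   # taker's security deposit
    taker_input: int     # value the taker actually funds the tx with
    payout_fee: int      # miner fee for the later payout tx, supplied by the taker


def build_outputs_vulnerable(p: DepositParams) -> dict:
    """Pre-fix behaviour: uses payout_fee exactly as the taker sent it."""
    multisig = p.trade_amount + p.maker_deposit + p.taker_deposit + p.payout_fee
    # Legacy taker change output: whatever the taker funded beyond its share.
    # A negative fee shrinks `multisig` and grows `taker_change` by the same amount.
    taker_change = p.taker_input - (p.taker_deposit + p.payout_fee)
    return {"multisig": multisig, "taker_change": taker_change}


def build_outputs_fixed(p: DepositParams, maker_expected_fee: int) -> dict:
    """Hardened: validate the taker-supplied fee before doing any arithmetic,
    and drop the legacy change output entirely."""
    if p.payout_fee <= 0:
        raise ValueError(f"payout fee must be positive, got {p.payout_fee}")
    if p.payout_fee > MAX_REASONABLE_FEE:
        raise ValueError(f"payout fee {p.payout_fee} exceeds sanity cap")
    if p.payout_fee != maker_expected_fee:
        raise ValueError("taker fee does not match the fee the maker computed")
    leftover = p.taker_input - (p.taker_deposit + p.payout_fee)
    if leftover < 0:
        raise ValueError("taker underfunded the deposit transaction")
    if leftover > DUST_LIMIT:
        raise ValueError(f"taker overfunded by {leftover} sat; no change output exists")
    multisig = p.trade_amount + p.maker_deposit + p.taker_deposit + p.payout_fee
    return {"multisig": multisig}


def total_out(outputs: dict) -> int:
    """Sum of outputs. Identical in the honest and attack cases: a pure balance
    check cannot see the redirection, which is why the fee itself must be validated."""
    return sum(outputs.values())


# Constructed scenario: 0.5 BTC trade, 0.075 BTC deposits each, 5,000 sat payout fee.
HONEST_FEE = 5_000
HONEST = DepositParams(50_000_000, 7_500_000, 7_500_000, 7_505_000, HONEST_FEE)
# Attacker picks a fee so negative that the multisig is left holding 0.001 BTC.
ATTACK_FEE = 100_000 - (50_000_000 + 7_500_000 + 7_500_000)
ATTACK = DepositParams(50_000_000, 7_500_000, 7_500_000, 7_505_000, ATTACK_FEE)

# Fingerprint from the post: 0.001 BTC multisig output and a 10,000 sat miner fee.
FINGERPRINT_OUTPUT = 100_000
FINGERPRINT_FEE = 10_000
WINDOW = (90, 200)   # constructed timestamps standing in for the attack window
SAMPLE_TXS = [       # constructed records: {"txid", "time", "fee", "outputs": [sat, ...]}
    {"txid": "a1", "time": 100, "fee": 10_000, "outputs": [100_000, 64_905_000]},
    {"txid": "b2", "time": 110, "fee": 2_000, "outputs": [65_005_000]},
    {"txid": "c3", "time": 50, "fee": 10_000, "outputs": [100_000, 3_000_000]},
    {"txid": "d4", "time": 150, "fee": 10_000, "outputs": [200_000]},
]


def matches_fingerprint(tx: dict, window: tuple) -> bool:
    start, end = window
    return (start <= tx["time"] <= end
            and tx["fee"] == FINGERPRINT_FEE
            and FINGERPRINT_OUTPUT in tx["outputs"])


def flag_suspicious(txs: list, window: tuple) -> list:
    return [tx["txid"] for tx in txs if matches_fingerprint(tx, window)]


if __name__ == "__main__":
    print("honest  :", build_outputs_vulnerable(HONEST))
    print("attack  :", build_outputs_vulnerable(ATTACK))   # multisig 100_000, change 64_905_000
    try:
        build_outputs_fixed(ATTACK, HONEST_FEE)
    except ValueError as e:
        print("fixed rejects:", e)
    print("flagged :", flag_suspicious(SAMPLE_TXS, WINDOW))  # ['a1']
```

Two things the model makes visible that the prose does not: the total output value is the same in both cases, so a conservation check alone would pass the malicious deposit, and the fix needs both a range check on the fee and the removal of the change output, since a merely positive but mismatched fee would still let the taker move value around.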
You guys are amazingly awesome.
This is sort of like an insurance bill. I mean, a big one, but still.
Could have been dramatically worse.
To learn and fix things based on this lesson at $600K or whatever (I guess now it's about 800k) is, in the big scheme of things, relatively cheap.
And I absolutely adore the transparency here.
Bisq's naive trust in code, a perfect playground for NSA-funded AI exploits, courtesy of the intelligence apparatus fueling the surveillance state.
Well done in a bad situation; all OSS builders can learn from it.
Damn. At least you guys have the BSQ asset so the DAO can make users good.
That's a classic textbook bug you learn to test for in software developer class. And as a developer, it's edge cases like this you are always thinking about.
Similar to testing strings containing apostrophes when handling apostrophe delimited strings. Or semicolon delimited name/value pairs containing semicolons.
I wonder if this code was machine generated. There is a bug bounty bonanza right now due to machines creating bugs that are traditionally rare because the human developers had those fail points hammered into them as junior devs.
That multisig exploit pattern reminds me of how AI-assisted attacks are evolving—attackers now use bots to probe for edge cases in protocols. I read an article recently showing how prompt injection can manipulate decentralized systems in ways humans wouldn’t catch. The Bisq case feels like an early example of this shift.
Bisq wallet itself at risk? Or only when active trades are open?
Oh my, it was possible to identify transactions across a transparent blockchain. One would think that wisest option is to simply stop endorsing that transparent fedcoin but alas, seems like mission impossible to normies.
Carry on. Have fun.
Right, it's a contract according to the spec, but wasn't enforced.
Don't think the buggy code was generated since it's a leftover from the old protocol (that's pre LLMs catching on).
No weaknesses were exposed in the internal wallet during this exploit, which only targeted the deposit tx construction.
The wallet is expected to be not compromised; AI analysis is ongoing. Yet, as always with hot wallets, only keep in there the funds that you need to keep there: in the case of Bisq, only the funds you intend to sell right away, or those needed to cover deposits for your purchases.
Sad to see. I hope the attacker wasn't scummy enough to also hack themselves and seek reimbursement from the DAO.
@npub1sqn6...5net stated previously this only affected version 1 users who did trades after May 1st.
Bisq 2 and mobile are different code.
Can this be confirmed again by the team? I don't see it above... Also, publishing the report as a blog post would be a good idea.
Sorry this happened, guys. Bisq1 is the older version of the protocol, but 10+ coins gone fucking sucks for everyone involved.
11 BTC is a serious hit—multisig exploits are getting creative with those micro-outputs. The AI-assisted angle tracks with what I’ve seen; there’s a piece on how prompt injection is evolving beyond text into system-level attacks (see ‘AI Prompt Injection Attacks 2026’). Scary overlap with decentralized infra.
The exploit of Bisq1 happened over the way the multisig trade protocol worked (fixed by now, code is being further reviewed to scan for other potential weaknesses).
Bisq2 is a completely new codebase, a new application, and only uses the Bisq Easy protocol as of now, it doesn't even touch your btc directly.